OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: snsadvlac.co.jp
Date: Thu Dec 27 2001 - 23:17:23 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    ----------------------------------------------------------------------
    SNS Advisory No.47
    DeleGate Cross Site Scripting Vulnerability

    Problem first discovered: Wed, 26 Dec 2001
    Published: Fri, 28 Dec 2001
    ----------------------------------------------------------------------

    Overview:
    ---------
      DeleGate, a multifunctional Proxy server program, contains a
      vulnerability related to a cross site scripting.

    Problem Description:
    --------------------
      DeleGate, a multifunctional Proxy server program, is prone to a cross
      site scripting vulnerability under the following specific conditions:

      * When there is an URL that displays the error message "403 Forbidden"
      * When the administrator displays his/her own configured error message
        using the MOUNT option

      The configuration that complies with these conditions will result in
      automatic execution of JavaScript code on the Web user's browser, if
      the attacker makes the following link, and the user clicks it:

      http://IP_Address_of_DeleGate/>alert("aaa");</script>

    Tested Versions:
    ----------------
      DeleGate/7.7.1
      DeleGate/7.7.0

    Solution:
    ---------
      This problem can be eliminated by upgrading to DeleGate/7.8.0, which
      is available at the following URL:

      http://www.delegate.org/delegate/

    Discovered by:
    --------------
      Satoshi ISHIZUKA (LAC)
      Keigo YAMAZAKI (LAC)

    Disclaimer:
    -----------
      All information in these advisories are subject to change without any
      advanced notices neither mutual consensus, and each of them is released
      as it is. LAC Co.,Ltd. is not responsible for any risks of occurrences
      caused by applying those information.

    References:
    -----------
      Archive of this advisory:
      http://www.lac.co.jp/security/english/snsadv_e/47_e.html

    ------------------------------------------------------------------
    Secure Net Service(SNS) Security Advisory <snsadvlac.co.jp>
    Computer Security Laboratory, LAC http://www.lac.co.jp/security/
    -------------------------------------------------------------------